/etc/bind.keys in a chrooted environment
Josef Moellers
jmoellers at suse.de
Wed Jul 22 14:51:57 UTC 2020
On 22.07.20 16:41, Anand Buddhdev wrote:
> On 22/07/2020 15:30, Josef Moellers wrote:
>
>>> Or just ignore the warning, and let BIND use its built-in keys.
>>
>> If /etc/bind.keys contains some additional keys, this will not work ;-)
>
> Sure, but what additional keys do you expect this file to contain? Are
> you serving an alternate signed root zone?
I'm not really sure what the partner wants to add, I have the slight
feeling that the remark about manually added keys was made by a third
person assuming ...
It turns out that it is mainly the warning the partner is irritade about.
So, let me put the question the other way round: what would happen if we
*always* copied /etc/bind.keys to the chroot environment? If there would
be no harm, I could easily add that to eg /etc/init.d/named or the
systemd service file. But the question now is: does it do any harm?
Thanks,
Josef
--
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany
(HRB 36809, AG Nürnberg)
Geschäftsführer: Felix Imendörffer
More information about the bind-users
mailing list